package com.ysd.aspect;

import com.ysd.annotation.AnnotationParse;
import org.aspectj.lang.ProceedingJoinPoint;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;

public class AccessTargetObject {
    //用户本身的权限
    private List userPrivilege = new ArrayList();

    public List getUserPrivilege() {
        return userPrivilege;
    }

    //环绕通知
    public Object accessMethod(ProceedingJoinPoint joinPoint) throws Throwable {
        /** * 得到目标类的class形式 * 得到目标方法 */
        Class targetClass = joinPoint.getTarget().getClass();
        String targetMethodName = joinPoint.getSignature().getName();
        String methodAccess = AnnotationParse.parse(targetClass, targetMethodName);
        boolean flage = false;
//        for (Privilege privilege : userPrivilege) {
//            if (methodAccess.equals(privilege.getName())) {
//                flage = true;
//                break;
//            }
//        }

        HttpServletRequest request= ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
        HttpSession session = request.getSession();
        String user = (String) session.getAttribute("user");

        String[] quanxian= methodAccess.split(",");
        List<String> qxs= Arrays.asList(quanxian);

        if (qxs.contains(user)){
            flage = true;
        }
        if (flage) {
            return joinPoint.proceed();
        } else {
            System.out.println("权限不足");
            return null;
        }
    }

}
